ASIO insulted by statements it could abuse data retention powers

ASIO's director-general has restated that the organisation is not looking for new powers around data retention.

David Irvine, director-general at ASIO, has said it is insulting to think ASIO staff would abuse powers given to it around data retention.

“Most ASIO officers would find it frankly insulting to think that an organisation which prides itself on acting in accordance with the law and very, very heavy accountability processes would allow itself to deviate into unwarranted intrusions into privacy,” Irvine told Background Briefing yesterday.

Data retention: Who wants it, who doesn’t and why

“And we don’t have the time to do that – we have no need to do it. Why would we do it?...

“Let’s be realistic. ASIO simply doesn’t have the resources, the desire or the need to conduct prurient enquiries into any individual Australian. We only conduct inquiries with cause.”

Irvine reiterated to the program that the intelligence organisation did not want new powers and that data retention proposals would give it powers it already had.

He also said the proposals do not impinge on people’s privacy.

“We are talking about the modernisation of an interception regime. It does not mean extensive new powers. It means the ability to do what we could do 15 years ago and even 10 years and even five years ago that we are gradually losing the ability to do unless the law better accommodates the interception capability with the march of modern technology,” Irvine said.

Irvine also told the program that Australia has not experienced any terrorist attacks due to ASIO stopping them before they occurred, partly by exercising data retention powers.

However, Irvine said changing technology has meant instead of intercepting one telephone – a landline – the communications landscape today means ASIO needs to intercept several communications devices, which is making their job more difficult.

“We have not had near misses – we’ve had misses. In recent years there have been instances where devices have been used ... that we didn’t know about and we have missed information,” he said.

For example, Irvine said someone may have up to 10 different mobile handsets and a similar number of different sim cards.

Intercepting people with multiple devices and sim cards is not currently covered in a “convenient way”, Irvine said.

Recently Greens senator Scott Ludlam said other proposals currently being examined by the Parliamentary Joint Standing Committee on Intelligence and Security were also “creepy”, such as “the ability of intelligence agencies to commit crimes and then be forgiven for them behind the scenes”.

Irvine defended the proposals, stating ASIO officers or sources are sometimes required to penetrate terrorist groups and being part of that group would mean they are breaking the law and could be charged.

“What I would like to see is a removal of that ambiguity in those sorts of situations,” he said.

While Attorney-General Nicola Roxon has consistently stated she has not yet made up her mind about whether the data retention proposals should be implemented, she has said police investigations would be unable to create a picture of criminal activity without data retention laws.

Follow Stephanie McDonald on Twitter: @stephmcdonald0

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the Computerworld newsletter!

Error: Please check your email address.

Tags David IrvineASIOdata retention




Im insulted that our country has gone down this road of needing "data retension"...



David Irvine, director-general at ASIO, has said it is insulting to think ASIO staff would abuse powers given to it around data retention.

Its truly insulting to protest that ASIO staff, government politicians or bureaucrats won't abuse powers given to them at some stage.



But since all telephone lines (and ADSL) are tapped and sent to Canberra already is this only a new requirement because of the NBN?



If you have nothing to hide, what is the problem. Information security is about ensuring the security of the many; if along the way a few undesirables have their privacy invaded then I do not worry about that.



Ahh the ol you have nothing to hide BS...

"The idea that an individual can live in a surveillance society with nothing to fear so long as they have nothing to hide may, on the face of it, appear attractive. For those of us who think of ourselves as 'honest' - we pay our taxes, don't commit murders and are loyal to our partners - why indeed should we fear surveillance?

"Nothing to hide, nothing to fear" (NTHNTF) is a myth that is built on certain false assumptions, and these assumptions are never questioned when it is wheeled out as an argument to support whatever draconian surveillance measure is being pushed out in the face of citizen opposition (commercial organisations rarely try such an approach, since it dooms them to failure from the very beginning). These assumptions include:
Continuity: When a large data gathering exercise is started, the lifespan of the system will almost always be greater than that of its instigators. The most benign and caring government, authority or private company is inevitably subject to a change of management, and if the new executive does not share their moral stance, then data can be reused for very dangerous purposes. Those who provided data believing they had nothing to fear may find that data is misused in the future.
Context: Those who use the NTHNTF argument most commonly use it in the context of government collecting information about individuals. In the information age, the idea of a single entity holding that information does not hold true. The massive pressures to share information within and beyond government mean that information is constantly on the move. Sooner or later, information held by the government will be shared across the government and with the private sector.
Control: Whether through a sharing agreement, aggregation of databases or simply leaving a memory stick in a pub car park, information is always shared sooner or later. Information security professionals always assume a system to be insecure, and plan for when - not if - data is lost or corrupted.
Consistency: The most important issue is that of consistent use of accurate information across all authorities and all individuals."

Elijah B.


Hypocrisy. He and his organisation are happy to imply we are all possible criminals and/or terrorists by wanting to have access to everyone's personal information, but he's offended at the thought that his organisation may misuse that very same information. How about he makes all his personal information available to us? I've noticed that information travels in one direction only: from the ordinary punter to governments and big business, never the other way (unless it suits their purposes).

The argument that "If you've done nothing wrong you have nothing to fear" is historically and logically absurd. First, no-one is so clean in their lives to want to have everything disclosed to another; second, governments in history have been known to misuse information they collect to victimise their own citizens; third, personal and private lives are exactly that - personal and private; one shouldn't have to have all such details made available to anyone one else unless there is evidence to suspect that a crime is being committed. Most people don't want their lives to be an open book to others, especially to those who themselves are very secretive about their own.



The argument run by ASIO forgets one important point.
Historically throughout the world the biggest loss of personal information is usually from a Federal or State Government or related body or authority.Whether these organisations are hacked or simply leave a PC on a train, it is a fact.



Oh Paul, nothing to hide, nothing to fear. It's a ruse spy agencies use that is similar to someone who say's they have seen a UFO. That would be, 'so you see little green men then', followed by laughter.

Sam is spot on, and just to add to this that more people have been killed by governments that any other human cause. Many of them had nothing to hide.

Comments are now closed

New eftpos debit, credit chip cards include EMV security